Microsoft has recently released the .NET 3.0 Framework – July CTP. Pam has put together a great page that consolidates the various resources available to help with Cardspace. It inspired me to upgrade our test website to the July CTP. Here is the new URL: https://infocard.pingidentity.com/sp/login.jsp.
The server will do the following:
- decrypt the xmlToken and retrieve the SAML assertion.
- validate the SAML assertion for schema, time expiry, signature etc.
- retrieve user attributes to create a local session.
- Once the user attributes are retrieved, the server can federate to other domains using SAML 1.X, SAML 2.0 or WS-Fed.
Here is a summary of what you need to do for the client side (I only tried it on XP).
- Download and install Internet Explorer 7 Beta 3 for Windows XP Service Pack 2 . It’s available for download from here. If you already have an older version of IE7 running, you need to uninstall it before installing the new one. And you might have issues in uninstalling. If you do, look here for instructions.
- Download and install .NET Runtime Framework 3.0 – July CTP. It’s available for download from here. You will also need to have a hotfix (KB912817). The installer will assist you in that.
- You should now see the following Cardspace icon in your control panel.
- Click on the icon and create some self-issued information cards.
- Login to the test site https://infocard.pingidentity.com/sp/login.jsp.
The installation of IE and .NET 3.0 will take a few window’s restarts….so be prepared. But in general, the whole client setup process shouldn’t take that long.
I did notice some minor changes in the new version. For instance:
- the icon is called as ‘Cardspace’ and not ‘Digital Identities”.
- New look and feel for the Cardspace GUI and some more options.
- In the html object tag, the object type is “application/x-informationcard”. It used to be “application/x-informationCard” in the Mix 06 release and “application/x-infocard” in the Feb CTP release.
- The format for requiredclaims has changed from “GivenName” to “givenname” etc.
- I haven’t completely tested this one but I suppose the current CardSpace supports SAML 1.1 whereas the older ones had SAML 1.0 support for self-issued cards.
So…if you are interested, give it a try. If you face any issues, please let me know.